In the existing Industrial Control System (ICS), wire communication was used mostly, because of the strict conditions by the characteristics of the environment of the industry, such as real-time communication, time-limited processing, high availability, functional safety, and security, but a lot of costs and issues occurred due to high costs of maintenance, lack of scalability and lack of interoperability. Accordingly, studies to solve these problems by applying the wireless communication technology to the existing ICT to the ICS began to be conducted, and wireless communication technologies and protocols specialized in the industrial environment began to be studied and applied. However, despite the necessity of security is gradually increasing in the ICS, there are lacking studies to test and evaluate the security of the wireless communication technology, so it is urgently necessary to conduct a related study.
This study proposes a security assurance technology of the devices using the relevant standard, focusing on ISA100.11a, one of the ICS wireless communication protocols. The proposed security assurance technology is divided broadly into communication testing and security function assessment, and the communication testing is divided into baseline operation testing, resource robustness testing, and packet manipulation testing. A security function assessment conducted with the devices that have passed communication testing is proposed differing the required items, divided by the components of ISA100.11a, such as a field device, backbone router, and host so that an assessment appropriate for the hardware specifications and roles of each component is achieved. In addition, this study seeks to facilitate the implementation and application of the proposed security assurance technology by proposing concrete methods or criteria for communication testing and security function assessment. Lastly, this study attempts to verify the conformance of the proposed security assurance by testing the security assurance technology in a test-bed with a network environment where the standard ISA100.11a can work network environment.
